chore(deps): Bump aws-cdk-lib from 2.232.2 to 2.233.0 in /cdk in the cdk-deps group

[dependabot]

Bumps the cdk-deps group in /cdk with 1 update: aws-cdk-lib.

Updates aws-cdk-lib from 2.232.2 to 2.233.0

Release notes

Sourced from aws-cdk-lib's releases.

v2.233.0

⚠ BREAKING CHANGES

CHANGES TO L1 RESOURCES: L1 resources are automatically generated from public CloudFormation Resource Schemas. They are built to closely reflect the real state of CloudFormation. Sometimes these updates can contain changes that are incompatible with previous types, but more accurately reflect reality. In this release we have changed:

aws-ec2: AWS::EC2::EC2Fleet: DefaultTargetCapacityType property is now immutable.
aws-ec2: AWS::EC2::EC2Fleet: TargetCapacityUnitType property is now immutable.

Features

• update L1 CloudFormation resource definitions (#36390) (a6077a2)
• events-targets: support messageGroupId for standard SQS queues (#36068) (95d4ed5)
• update L1 CloudFormation resource definitions (#36367) (e551afe)
• codebuild: add support for macOS 15 runners (#35836) (1b8b4e3)
• route53-patterns: HttpsRedirect use Distribution as the default CloudFront distribution (under feature flag) (#34312) (e2987eb), closes #31546
• update L1 CloudFormation resource definitions (#36326) (cb82627)
• ec2: add Interface VPC Endpoints for ACM and ACM-PCA (#35890) (06e6b25)
• route53: support failover routing policy for record sets (#35909) (9395467), closes #35910

Bug Fixes

• aws-cdk-lib: make grants factory methods public (#36317) (7dde625)
• ci: checkout the pr head instead of the default main head (#36311) (a1cbcf9), closes /github.com/aws/aws-cdk/blob/main/.github/workflows/integration-test-deployment.yml#L39C11-L39C57
• cloudtrail: do not attach s3 bucket permission when orgId is not set for organization trail (#30778) (61ee074), closes #30490
• custom-resources: waiter state machine retry fails with ExecutionAlreadyExists (#35988) (36ea606), closes #35957
• ecs: removal of canContainersAccessInstanceRole instance role (#36362) (7395b41)
• pipelines: propagate CodeBuild fleet and certificate (#35673) (71cfd60), closes #35664
• region-info: standalone use of @aws-cdk/region-info throws an Cannot find module 'aws-cdk-lib/core/lib/errors' error (#36414) (01c7d2e), closes #36399
• ci fix for spec updater workflow (#36364) (a0b42cc)
• re-export of ResourceEnvironment is not an alias (#36370) (ba8e194)

---

Alpha modules (2.233.0-alpha.0)

⚠ BREAKING CHANGES

• bedrock-agentcore-alpha: Runtime constructs will no longer automatically include lifecycleConfiguration with default values when not explicitly specified by users.
• elasticache-alpha: The engine property in NoPasswordUserProps has been removed.

Bug Fixes

• bedrock-agentcore-alpha: runtime construct incorrectly forces default lifecycleConfiguration values (#36379) (7954354), closes #36376
• elasticache-alpha: the default engine for NoPasswordUser contradict in the docs (#35920) (495fa37), closes #35847
• mixins-preview: improving delivery source and delivery destination creation (#36314) (86092ab)

Changelog

Sourced from aws-cdk-lib's changelog.

Changelog

All notable changes to this project will be documented in this file. See standard-version for commit guidelines.

2.233.0-alpha.0 (2025-12-18)

⚠ BREAKING CHANGES

• bedrock-agentcore-alpha: Runtime constructs will no longer automatically include lifecycleConfiguration with default values when not explicitly specified by users.
• elasticache-alpha: The engine property in NoPasswordUserProps has been removed.

Bug Fixes

• bedrock-agentcore-alpha: runtime construct incorrectly forces default lifecycleConfiguration values (#36379) (7954354), closes #36376
• elasticache-alpha: the default engine for NoPasswordUser contradict in the docs (#35920) (495fa37), closes #35847
• mixins-preview: improving delivery source and delivery destination creation (#36314) (86092ab)

2.232.2-alpha.0 (2025-12-12)

2.232.1-alpha.0 (2025-12-05)

2.232.0-alpha.0 (2025-12-04)

Bug Fixes

• bedrock-agentcore-alpha: use static construct ID for asset-based runtime artifacts (#36241) (e2bdddd), closes #35968
• mixins-preview: service exports are different then in aws-cdk-lib (#36201) (5858006), closes #36210
• mixins-preview: strongly-typed ConstructSelector interface (#36266) (1d2f473)

2.231.0-alpha.0 (2025-12-01)

Features

• glue-alpha: support Glue Version 5.1 (#36223) (b956492)
• imagebuilder-alpha: add support for Image Construct (#36154) (eee3ae6), closes aws/aws-cdk-rfcs#789 aws/aws-cdk-rfcs#789

2.230.0-alpha.0 (2025-11-26)

Features

• bedrock-agentcore-alpha: update resources on grantInvokeXXX for runtime (#35864) (5dad62f)
• imagebuilder-alpha: add support for Image Pipeline Construct (#36153) (d8c324a), closes aws/aws-cdk-rfcs#789 aws/aws-cdk-rfcs#789
• imagebuilder-alpha: add support for Lifecycle Policy Construct (#36152) (7e31eb6), closes aws/aws-cdk-rfcs#789 aws/aws-cdk-rfcs#789
• mixins-preview: adds LogDelivery Mixins for 47 resources (#36158) (6607ce9)
• mixins-preview: vended log deliveries (#36138) (69442a8)
• mixins-preview: helpers to generate EventBridge event patterns for 26 services (#36121) (073185d)

... (truncated)

Commits

• c296465 chore(release): 2.233.0 (#36444)
• 59d2553 chore: Update CHANGELOG for version 2.233.0
• 1013a07 chore(release): 2.233.0
• 84de157 chore(cdk-build-tools): rosetta: snippet merging prevents effective caching (...
• ba011fd chore: add provenance tracking to rosetta build cache (#36438)
• 7395b41 fix(ecs): removal of canContainersAccessInstanceRole instance role (#36362)
• a6077a2 feat: update L1 CloudFormation resource definitions (#36390)
• 33f41d9 ci(security-guardian): modify sec guardian rules to remove false positives (#...
• 8a02998 chore: enable rosetta performance debugging (#36427)
• 01c7d2e fix(region-info): standalone use of @aws-cdk/region-info throws an `Cannot ...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions